^^^^ 




a United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/921,543 



08/02/2001 



28875 7590 06/24/2005 

Zilka-Kotab, PC 
P.O.BOX 721120 
SAN JOSE, CA 95172-1120 



Charles L. Vigue 



NAIIP275/0I.014.01 



6834 



EXAMINER 



HENNING, MATTHEW T 



ART UNIT 



PAPER NUMBER 



2131 

DATE MAILED: 06/24/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



wTTice MCiion ouuifnary 


Application No. 

09/921.543 


Applicant(s) 

VIGUEET AL 


Examiner 

Matthew T. Henning 


Art Unit 

2131 




" The MAILING DATE of this communication appears on the cover sheet with the correspondence ac 


f dress — 



Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timety filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 30 March 2005 , 
2a)S This action is FINAL. 2b)n This action is non-final. 

3) 0 Since this application is in condition for allowance except for fomnal matters, prosecution as to the merits is 

closed in accordance with the practice under £x parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-11 and 13-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) 13 Claim(s) 1-11 and 13-25 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) ^ The drawing(s) filed on 02 August 2001 is/are: a)S accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing{s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3, n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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This action is in response to the communication filed on 3/30/2005. 



DETAILED ACTION 



Claims 1-11, and 13-25 have been examined and claim 12 has been cancelled. 



2 



All objections and rejections not set forth below have been withdrawn. 



Title 



3 



The title of the invention is acceptable. 



Priority 

4. The apphcation has been filed under Title 35 U.S.C §119, claiming priority to provisional 
applications I. 60/282,333 filed 4/9/2001, and 11. 60/298,681 filed 6/1 8/2001. Applicant's claim 
for domestic priority under 35 U.S.C. 1 19(e) is acknowledged. However, the provisional 
application I. upon which priority is claimed fails to provide adequate support under 35 
U.S.C. 1 12 for claim 2-3, 9-10, 13-14, and 16-17 of this application. Provisional application I. 
does not include support for verifying the resource integrity through a the use of a digital 
signature. There is, however, support for this subject matter in provisional application II. 

6. Therefore, the effective filing date for the subject matter defined in the pending claims in 
this application is 6/18/2001. 

Information Disclosure Statement 

7. The information disclosure statement (IDS) submitted on 12/1 1/2003 is in compliance 
with the provisions of 37 CFR 1.97. Accordingly, the examiner is considering the information 
disclosure statement. 



Drawings 



8. 



The drawings filed on 8/2/2001 are acceptable for examination proceedings. 
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Claim Rejections - 35 USC § 112 

9. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

10. Claims 13-14 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

1 1 . Claims 13-14 depend from cancelled independent claim 12. Therefore, the status of these 
claims is unclear. Also, if these claims were meant to remain pending, it is unclear what is 
meant to be claimed by these claims and therefore scope of these claims is unclear. As such, 
claims 13-14 are rejected for failing to particularly point out and distinctly claim the subject 
matter which the applicants regard as the invention. For the purposes of searching prior art, the 
examiner will assume that these claims were meant to depend from claim 8. 

Claim Rejections - 35 USC §103 

12. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived 
by the manner in which the invention was made. 

13. Claims 1, 4-7, 15, and 18-25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Peng (US Patent Number 6,3 17,754), and further in view of Delaney et al. (US Patent 
Number 6,374,289) hereinafter referred to as Delaney. 
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14. Regarding claim 1, Peng disclosed a method for securely sharing resources over a peer- 
to-peer network (See Peng Col. 2 Lines 50-67), comprising: broadcasting a request by a 
requesting peer for a resource over the peer-to- peer network wherein the request contains an 
identification of the resource and the resource identification contains a resource version identifier 
(See Peng Fig. 7 and Cols. 5-6 steps 1 and 3); receiving a response from a responding peer on the 
peer-to-peer network indicating that the responding peer has the requested resource (See Peng 
Col. 5 Step 2); retrieving the requested resource from the responding peer (See Peng Col. 6 Step 
4); and verifying the retrieved resource by ensuring the retrieved resource contains the version 
identifier embedded therein (See Peng Col. 6 Step 6a), however, Peng failed to disclose the 
broadcasted request being broadcasted to a plurality of peers. 

Delaney teaches that in a server based system, downloading all data from one server can 
overwhelm the server (See Delaney Col. 1 Lines 26-35). Delaney- further teaches a system in 
which a broadcast request for data is sent to a plurality of peers and one peer that has the 
requested data responds to the request (See Delaney Col. 7 Line 10 - Col. 8 Line 20 and Fig. 
2B). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Delaney in the synchronization system of Peng by 
broadcasting the request for each object to a plurality of peers and receiving the requested object 
from one of the peers. This would have been obvious because the ordinary person skilled in the 
art would have been motivated to protect the servers from being overwhelmed by download 
requests. 



Application/Control Number: 09/921,543 Page 5 

Art Unit: 2131 

15. Regarding claim 4, the combination of Peng and Delaney disclosed installing said 
resource (See Peng Col. 6 Step 6b, and Col 15 Step 9). 

16. Regarding claim 5, the combination of Peng and Delaney disclosed retrieving a catalog 
containing a listing of resources (See Peng Col. 5 Step 2). 

17. Regarding claim 6, the combination of Peng and Delaney disclosed comparing the Usting 
of resources with resources installed at the requesting peer to determine which resources are to 
be requested over the peer-to- peer network (See Peng Cols. 5-6 Step 3). 

18. Regarding claim 7, the combination of Peng and Delaney disclosed requesting each 
resource to be requested in a separate transaction such that each resource to be requested may be 
retrieved from a same or different responding peer (See Delaney Col. 7 Lines 13-18). 

19. Regarding claim 15, the combination of Peng and Delaney disclosed a computer program 
product for securely sharing resources over a peer-to- peer network (See Peng Col. 9 Lines 39- 
42), comprising: computer code that broadcasts a single request to a plurality of peers by a 
requesting peer for a resource over the peer-to-peer network wherein the request contains an 
identification of the resource and the resource identification contains a resource version 
identifier; computer code that receives a response from a responding peer on the peer- to-peer 
network indicating that the responding peer has the requested resource; computer code that 
retrieves the requested resource from the responding peer; computer code that verifies the 
retrieved resource by ensuring the retrieved resource contains the version identifier embedded 
therein; and a computer readable medium that stores said computer codes (See the rejection of 
claim 1 above and further it was inherent that the application was comprised in a computer 
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readable medium in order for the code to have been executed and for the system to have 
operated). 

20. Regarding claim 18, the combination of Peng and Delaney disclosed computer code that 
installs said resource (See the rejection of claim 4 above), 

21. Regarding claim 19, the combination of Peng and Delaney disclosed computer code that 
retrieves a catalog containing a listing of resources (See the rejection of claim 5 above). 

22. Regarding claim 20, the combination of Peng and Delaney disclosed computer code that 
compares the listing of resources with resources installed at the requesting peer to determine 
which resources are to be requested over the peer-to-peer network (See the rejection of claim 6 
above). 

23. Regarding claim 21, the combination of Peng and Delaney disclosed computer code that 
requests each resource to be requested in a separate transaction such that each resource to be 
requested may be retrieved from a same or different responding peer (See the rejection of claim 7 
above). 

24. Regarding claim 22, the combination of Peng and Delaney disclosed that the responding 
peer scans a list of local aliased copies to determine if the responding peer has a local version of 
the requested resource (See Delaney Col. 7 Lines 26-39). 

25. Regarding claim 23-24, the combination of Peng and Delaney disclosed that the 
responding peer waits a predetermined randomly generated period of time before responding that 
the responding resource has the requested resource (See Delaney Col. 7 Lines 26-39). 



Application/Control Number: 09/92 1 ,543 Page 7 

Art Unit: 2131 

26. Regarding claim 25, the combination of Peng and Delaney disclosed that after receiving 
the response, the requesting peer broadcasts a message to the pluraUty of peers that the requested 
resource has been found (See Delaney Col. 10 Lines 26-35). 

27. Claims 2, and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over the 
combination of Peng and Delaney as applied to claims 1, and 15 above, and further in view of 
Shostack et al. (US Patent Number 6,298,445) hereinafter referred to as Shostack. 

Peng and Delaney disclosed verifying the received updates (See the rejection of claim 1 
above), but failed to disclose verifying a digital signature of the update. 

Shostack teaches an updating system should verify the integrity of updates by checking a 
digital signature of the update upon receipt of the update and prior to installing the update (See 
Shostack Fig. 4A Step 1 10, Fig. 7 and Col. 10 Line 58 - Col. 1 1 Line 4). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Shostack in the updating system of Peng and Delaney by 
verifying a digital signature of each update after receipt and prior to installing the update. This 
would have been obvious because the ordinary person skilled in the art would have been 
motivated to protect the recipient from update files that had been maliciously tampered with, as 
well as to prevent security vuhierabilities in the recipient. 

28. Claims 3, and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable over the 
combination of Peng, Delaney, and Shostack as appUed to claims 2, and 16 above, and fiirther in 
view of Verisign (Verisign gets US approval for 128-bit key certificates export). 
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Peng, Delaney, and Shostack disclosed verifying a digital signature of an update file (See 
rejection of claim 2 above), but failed to disclose the digital signature being a 1024-bit Verisign 
digital signature. 

Verisign teaches that a 1024-bit Verisign digital signature provides digital signatures for 
today's strongest cryptographic technologies (See Verisign Page 2 Lines 22-25). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Verisign in the updating system of Peng, Delaney and 
Shostack by using a 1024-bit Verisign digital signature for verifying the updates. This would 
have been obvious because the ordinary person skilled in the art would have been motivated to 
provide the best security for the updates. 

29. Claims 8 and 1 1 are rejected under 35 U.S.C. 103(a) as being unpatentable over Radatti 
(US Patent AppUcation Publication 2002/0170052), and further in view of Delaney. 

Regarding claim 8, Radatti disclosed a product updating service for automatic and secure 
updating of a product installed at a node of a network (See Radatti Abstract), comprising: 
automatically downloading a catalog containing a current listing of resources for the product at a 
predetermined time (See Radatti Paragraphs 0013, 0036, and 0038-0044, and 0053 and 0092), 
each resource being identified by a resource version identifier (See Radatti Paragraph 0041); 
comparing the listing of resources in the catalog with resources installed at the node to determine 
which resources are to be requested over the network (See Radatti Paragraphs 0068 and 0094); 
requesting each resource to be requested in a separate transaction over the network (See Radatti 
Paragraphs 0069 and 0094 and Fig 2), retrieving each resource to be requested in the network 
and the Internet (See Radatti Paragraph 0069 and Fig. 2); and verifying each retrieved resource 
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by ensuring the retrieved resource contains the version identifier embedded therein (See Radatti 
Paragraph 0093-0094), however, Radatti failed to disclose broadcasting the request for code over 
a peer-to-peer network and receiving the code from a member of the peer-to-peer network. 

Delaney teaches that in a server based system, downloading all data from one server can 
overwhelm the server (See Delaney Col. 1 Lines 26-35). Delaney further teaches a system in 
which a broadcast request for data is sent to a plurality of peers and one peer that has the 
requested data responds to the request (See Delaney Col. 7 Line 10 - Col. 8 Line 20 and Fig. 
2B). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Delaney in the product updating system of Radatti by 
broadcasting the request for code to a plurality of peers and receiving the requested code from 
one of the peers. This would have been obvious because the ordinary person skilled in the art 
would have been motivated to protect the servers from being overwhelmed by download 
requests. ~ 

30. Regarding claim 1 1, the combination of Radatti and Delaney disclosed installing each of 
the retrieved resources (See Radatti Paragraphs 0069-0070). 

31. Claims 9, and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over the 
combination of Radatti and Delaney as applied to claim 8 above, and further in view of Shostack. 

Radatti and Delaney disclosed verifying the received code (See the rejection of claim 8 
above), but failed to disclose verifying a digital signature of the code. 
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Shostack teaches an updating system should verify the integrity of updates by checking a 
digital signature of the update upon receipt of the update and prior to installing the update (See 
Shostack Fig. 4 A Step 1 10, Fig. 7 and Col 10 Line 58 - Col. 1 1 Line 4). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Shostack in the updating system of Radatti and Delaney by 
verifying a digital signature of each update after receipt and prior to installing the update. This 
would have been obvious because the ordinary person skilled in the art would have been 
motivated to protect the recipient from update files that had been maUciously tampered with, as 
well as to prevent security vulnerabilities in the recipient. 

32. Claims 10, and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over the 
combination of Radatti, Delaney, and Shostack as applied to claims 9, and 13 above, and further 
in view of Verisign. 

Radatti, Delaney, and Shostack disclosed verifying a digital signature of an update code 
(See rejection of claim 9 above), but failed to disclose the digital signature being a 1024-bit 
Verisign digital signature. 

Verisign teaches that a 1024-bit Verisign digital signature provides digital signatures for 
today's strongest cryptographic technologies (See Verisign Page 2 Lines 22-25). 

It would have been obvious to the ordinary person skilled in the art at the time of 
invention to employ the teachings of Verisign in the updating system of Radatti, Delaney, and 
Shostack by using a 1024-bit Verisign digital signature for verifying the updates. This would 
have been obvious because the ordinary person skilled in the art would have been motivated to 
provide the best security for the updates. 
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Response to Arguments 

33. Applicant's arguments filed 3/30/2005 have been fully considered but they are not 
persuasive. Applicants argue primarily that: 

i. Peng did not disclose broadcasting request to a plurality of peers. 

ii. Peng did not disclose updating a "product". 

iii. Peng did not disclose requesting each resource such that each resource 
could be downloaded from a different peer. 

34. Applicant's arguments with respect to claims 1-1 1, and 13-21 have been considered but 
are moot in view of the new ground(s) of rejection. 

Conclusion 

35. Claims 1-25 have been rejected. 

36. The prior art made of record and not relied upon is considered pertinent to apphcant's 
disclosure. 

a. Schleicher et al. (US Patent Application Publication 2002/0138744) disclosed a 
system for providing secure peer-to-peer file delivery involving digitally signing each 
version of a file to ensure the integrity of the file. 

b. Reiher et al. ("Peer-to-Peer Reconciliation Based RepUcation for Mobile 
Computers") disclosed a system which provides file updates upon request without the 
utilization of a central server. 

c. Fanning et al. (US Patent Number 6,742,023) disclosed a peer-to-peer file sharing 
system. 
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37. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

38. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Matthew T, Henning whose telephone number is (571) 272-3790. 
The examiner can normally be reached on M-F 8-4, 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 



Application/Control Number: 09/921,543 



Page 13 



Art Unit: 2131 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for pubHshed applications 
may be obtained from either Private PAIR or PubUc PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




Matthew Henning 
Assistant Examiner 
Art Unit 2131 
6/16/2005 




